I just finished a small hackathon project at work. We have a customer facing site built on django. I implemented and demoed a feature that lets users link their existing accounts to consumer identity providers.

I used ACS to do this of course 🙂 I also went ahead and tried out the latest Identity and Access tools for VS, pleasently impressed with how awesome they are. Fantastic work!

(as you mentioned) it seams to have the session information but not the token from the idp so subsequent calls using "poorman's" delegation fails.

any thoughts?

]]>Comment on Single Sign On with Windows Azure Active Directory: a Deep Dive by buuren94@zonnet.nlhttps://blogs.msdn.microsoft.com/vbertocci/2012/07/12/single-sign-on-with-windows-azure-active-directory-a-deep-dive/#comment-13393
Fri, 25 Jan 2013 12:00:57 +0000https://blogs.msdn.microsoft.com/vbertocci/2012/07/12/single-sign-on-with-windows-azure-active-directory-a-deep-dive/#comment-13393Great in depth explanation. Now the WAAD is GA the url for retriving the federationmetadata has changed to accounts.accesscontrol.windows.net/…/FederationMetadata.xml.

Michiel

]]>Comment on Group & Role Claims: Use the Graph API to Get Back IsInRole() and [Authorize] in Windows Azure AD Apps by ChriMetzhttps://blogs.msdn.microsoft.com/vbertocci/2013/01/22/group-role-claims-use-the-graph-api-to-get-back-isinrole-and-authorize-in-windows-azure-ad-apps/#comment-13383
Wed, 23 Jan 2013 07:26:29 +0000https://blogs.msdn.microsoft.com/vbertocci/2013/01/22/group-role-claims-use-the-graph-api-to-get-back-isinrole-and-authorize-in-windows-azure-ad-apps/#comment-13383Thanks a lot! This closes the gap between what was currently out there in your documentation. Next step for me would be, to get to know how to authorize a second Azure AD within my application.
]]>Comment on Group & Role Claims: Use the Graph API to Get Back IsInRole() and [Authorize] in Windows Azure AD Apps by Wouterhttps://blogs.msdn.microsoft.com/vbertocci/2013/01/22/group-role-claims-use-the-graph-api-to-get-back-isinrole-and-authorize-in-windows-azure-ad-apps/#comment-13373
Tue, 22 Jan 2013 22:14:04 +0000https://blogs.msdn.microsoft.com/vbertocci/2013/01/22/group-role-claims-use-the-graph-api-to-get-back-isinrole-and-authorize-in-windows-azure-ad-apps/#comment-13373This is exactly what I was looking for. I couldn't understand how to retrieve the symmetric key for accessing the graph after using the mvc tool.

Very nice.

]]>Comment on Provisioning a Windows Azure Active Directory Tenant as an Identity Provider in an ACS Namespace by robertobhttps://blogs.msdn.microsoft.com/vbertocci/2012/11/07/provisioning-a-windows-azure-active-directory-tenant-as-an-identity-provider-in-an-acs-namespace/#comment-13363
Fri, 28 Dec 2012 13:17:31 +0000https://blogs.msdn.microsoft.com/vbertocci/2012/11/07/provisioning-a-windows-azure-active-directory-tenant-as-an-identity-provider-in-an-acs-namespace/#comment-13363What should I make of the puid claim issued by o365 and azure active directory tenants that I've enabled as identity providers in my acs namespace federation provider setups? Is it a unique value that will stay the same regardless of name changes similar to old passport [ -> liveId – > microsoft account ] puids?
]]>Comment on Windows Identity Foundation in the .NET Framework 4.5 Beta: Tools, Samples, Claims Everywhere by martin.altenstedt@gmail.comhttps://blogs.msdn.microsoft.com/vbertocci/2012/03/15/windows-identity-foundation-in-the-net-framework-4-5-beta-tools-samples-claims-everywhere/#comment-13353
Wed, 12 Dec 2012 05:19:03 +0000https://blogs.msdn.microsoft.com/vbertocci/2012/03/15/windows-identity-foundation-in-the-net-framework-4-5-beta-tools-samples-claims-everywhere/#comment-13353Any news on the missing Silverlight OOB sample as commented by Remco Blok?
]]>